package io.renren.modules.sys.controller;

import java.util.List;
import java.util.Map;

import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.apache.shiro.crypto.hash.Sha256Hash;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;

import io.renren.common.annotation.SysLog;
import io.renren.common.constant.Code;
import io.renren.common.utils.Constant;
import io.renren.common.validator.Assert;
import io.renren.common.validator.ValidatorUtils;
import io.renren.common.validator.group.AddGroup;
import io.renren.common.validator.group.UpdateGroup;
import io.renren.common.vo.PageInfo;
import io.renren.common.vo.RV;
import io.renren.modules.sys.entity.User;
import io.renren.modules.sys.form.PasswordForm;
import io.renren.modules.sys.service.UserRoleService;
import io.renren.modules.sys.service.UserService;

/**
 * 系统用户
 * 
 * @author chenshun
 * @email sunlightcs@gmail.com
 * @date 2016年10月31日 上午10:40:10
 */
@RestController
@RequestMapping("/sys/user")
public class UserController extends AbstractController {
	@Autowired
	private UserService userService;
	@Autowired
	private UserRoleService userRoleService;


	/**
	 * 所有用户列表
	 */
	@GetMapping("/list")
	@RequiresPermissions("sys:user:list")
	public RV list(@RequestParam Map<String, Object> params){
		//只有超级管理员，才能查看所有管理员列表
		if( !Constant.SUPER_ADMIN.equals(getUserId())){
			params.put("createUserId", getUserId());
		}
		

		return new PageInfo<>(userService.queryPage(params));
	}
	
	/**
	 * 获取登录的用户信息
	 */
	@GetMapping("/info")
	public RV info(){
		return RV.ok(getUser());
	}
	
	/**
	 * 修改登录用户密码
	 */
	@SysLog("修改密码")
	@PostMapping("/password")
	public RV password(@RequestBody PasswordForm form){
		Assert.isBlank(form.getNewPassword(), "新密码不为能空");
		
		//sha256加密
		String password = new Sha256Hash(form.getPassword(), getUser().getSalt()).toHex();
		//sha256加密
		String newPassword = new Sha256Hash(form.getNewPassword(), getUser().getSalt()).toHex();
				
		//更新密码
		boolean flag = userService.updatePassword(getUserId(), password, newPassword);
		if(!flag){
			return RV.fail(Code.COODE_USER_O3,"原密码不正确");
		}
		
		return RV.ok();
	}
	
	/**
	 * 用户信息
	 */
	@GetMapping("/info/{userId}")
	@RequiresPermissions("sys:user:info")
	public RV info(@PathVariable("userId") String userId){
		User user = userService.selectById(userId);
		
		//获取用户所属的角色列表
		List<String> roleIdList = userRoleService.queryRoleIdList(userId);
		user.setRoleIdList(roleIdList);
		
		return RV.ok(user);
	}
	
	/**
	 * 保存用户
	 */
	@SysLog("保存用户")
	@PostMapping("/save")
	@RequiresPermissions("sys:user:save")
	public RV save(@RequestBody User user){
		ValidatorUtils.validateEntity(user, AddGroup.class);
		
		user.setCreateUserId(getUserId());
		userService.save(user);
		
		return RV.ok();
	}
	
	/**
	 * 修改用户
	 */
	@SysLog("修改用户")
	@PostMapping("/update")
	@RequiresPermissions("sys:user:update")
	public RV update(@RequestBody User user){
		ValidatorUtils.validateEntity(user, UpdateGroup.class);

		user.setCreateUserId(getUserId());
		userService.update(user);
		
		return RV.ok();
	}
	
	/**
	 * 删除用户
	 */
	@SysLog("删除用户")
	@PostMapping("/delete")
	@RequiresPermissions("sys:user:delete")
	public RV delete(@RequestBody String[] userIds){
		
		
		userService.deleteBatch(userIds);
		
		return RV.ok();
	}
}
